package com.lambda.cloud.config;

import com.lambda.security.encoder.StandardPasswordEncoder;
import com.lambda.security.inteceptor.SecureInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.password.PasswordEncoder;

@SuppressWarnings("all")
@Configuration
public class SecurityConfig {

    /**
     * 自定义安全扩展拦截器
     *
     * @return
     * @see https://sa-token.cc/doc.html#/use/route-check
     */
    @Bean
    public SecureInterceptor secureExtendInterceptor() {
        return (handler, stpLogic, loginUser) -> {
            // 角色校验 -- 拦截以 admin 开头的路由，必须具备 admin 角色或者 super-admin 角色才可以通过认证
            //            SaRouter.match("/user/**", r -> stpLogic.checkRoleOr("admin", "super-admin","ROLE_HMAC"));
        };
    }

    /**
     * 自定义密码加密
     *
     * @return
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new StandardPasswordEncoder();
    }
}
